Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,967
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,076
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+

108,855 advisories

Loading
Moodle Improper Access Control vulnerability Moderate
CVE-2023-5542 was published for moodle/moodle (Composer) Nov 9, 2023
A vulnerability, which was classified as critical, has been found in Tongda OA 2017 up to 11.9.... Moderate Unreviewed
CVE-2023-6053 was published Nov 9, 2023
NASA Open MCT Cross Site Scripting vulnerability Moderate
CVE-2023-45885 was published for openmct (npm) Nov 9, 2023
MarkLee131
NASA Open MCT Cross Site Request Forgery (CSRF) vulnerability Moderate
CVE-2023-45884 was published for openmct (npm) Nov 9, 2023
MarkLee131
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Michael Mann Simple Site Verify... Moderate Unreviewed
CVE-2023-36688 was published Nov 9, 2023
On Windows, The IsLocal function does not correctly detect reserved device names in some cases.... Moderate Unreviewed
CVE-2023-45284 was published Nov 9, 2023
AsyncSSH Rogue Extension Negotiation Moderate
CVE-2023-46445 was published for asyncssh (pip) Nov 9, 2023
TrueSkrillor lambdafu
Any value can be changed in the configuration table by an employee having access to block reassurance module Moderate
CVE-2023-47110 was published for prestashop/blockreassurance (Composer) Nov 9, 2023
A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network... Moderate Unreviewed
CVE-2023-6039 was published Nov 9, 2023
The leakage of channel access token in UPDATESALON C-LOUNGE Line 13.6.1 allows remote attackers... Moderate Unreviewed
CVE-2023-47372 was published Nov 9, 2023
The leakage of channel access token in best_training_member Line 13.6.1 allows remote attackers... Moderate Unreviewed
CVE-2023-47369 was published Nov 9, 2023
The leakage of channel access token in platinum clinic Line 13.6.1 allows remote attackers to... Moderate Unreviewed
CVE-2023-47367 was published Nov 9, 2023
The leakage of channel access token in bluetrick Line 13.6.1 allows remote attackers to send... Moderate Unreviewed
CVE-2023-47370 was published Nov 9, 2023
The leakage of channel access token in taketorinoyu Line 13.6.1 allows remote attackers to send... Moderate Unreviewed
CVE-2023-47368 was published Nov 9, 2023
The leakage of channel access token in craft_members Line 13.6.1 allows remote attackers to send... Moderate Unreviewed
CVE-2023-47366 was published Nov 9, 2023
The leakage of channel access token in DRAGON FAMILY Line 13.6.1 allows remote attackers to send... Moderate Unreviewed
CVE-2023-47373 was published Nov 9, 2023
The leakage of channel access token in F.B.P members Line 13.6.1 allows remote attackers to send... Moderate Unreviewed
CVE-2023-47363 was published Nov 9, 2023
The leakage of channel access token in Lil.OFF-PRICE STORE Line 13.6.1 allows remote attackers to... Moderate Unreviewed
CVE-2023-47365 was published Nov 9, 2023
The leakage of channel access token in nagaoka taxi Line 13.6.1 allows remote attackers to send... Moderate Unreviewed
CVE-2023-47364 was published Nov 9, 2023
A vulnerability classified as critical has been found in Tongda OA 2017 up to 11.9. Affected is... Moderate Unreviewed
CVE-2023-6052 was published Nov 9, 2023
A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Telit... Moderate Unreviewed
CVE-2023-47612 was published Nov 9, 2023
A CWE-23: Relative Path Traversal vulnerability exists in Telit Cinterion BGS5, Telit Cinterion... Moderate Unreviewed
CVE-2023-47613 was published Nov 9, 2023
Duplicate Advisory: Eclipse IDE XXE in eclipse.platform Moderate
GHSA-cc4w-3cff-j8fw was published for org.eclipse.platform:eclipse.platform (Maven) Nov 9, 2023 withdrawn
chromedriver Command Injection vulnerability Moderate
CVE-2023-26156 was published for chromedriver (npm) Nov 9, 2023
Cross Site Scripting vulnerability in MLDB.ai v.2017.04.17.0 allows a remote attacker to execute... Moderate Unreviewed
CVE-2023-46492 was published Nov 9, 2023
ProTip! Advisories are also available from the GraphQL API